Re: out-of-band key management is like virtual circuits
Hi Dan.
In IEEE 802.10, when we were developing the Secure Data Exchange (SDE)
Protocol, this same "in-line" key issue surfaced. It was resolved in a
manner that has not been considered by the IETF. The solution has pros and
cons, but I think that it should be considered before a decision is made.
SDE has a 32-bit SAID that is followed by an optional field, called the
Management Defined Field (MDF). DEC pushed very hard for this field
because they wanted the SAID to identify a Master Key that would be used
to decrypt the contents of the MDF. The MDF carried the key or keys to
decrypt and/or check the integrity of the payload.
SKIP is the same idea. SKIP derives the Master Key using D-H key
agreement instead of out-of-band master key distribution.
This alternative would permit the approach advocated by DEC, and it would
accommodate the SKIP approach.
Using a bit in the SAID to indicate the presence/absence of the MDF (or
whatever we call it for IPSP) would avoid the need for a key management
protocol to negotiate the attributes for the security association. Perhaps
a reserved SAID would indicate that the key management technique used by
SKIP should be used to generate the key to decrypt the MDF.
I just do not see why we cannot architect an IP layer security protocol
that permits both types of key management.
More food for thought....
Russ
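The following is an added illustration of the header layout Russ describes, written for this page; it is not code from the message, from IEEE 802.10 SDE, or from any IPSP draft. It assumes a concrete encoding that the message does not specify: the high bit of the 32-bit SAID flags the presence of the MDF, the remaining 31 bits name a key, the MDF is a 16-bit length followed by a wrapped per-packet key, and the "cipher" is an HMAC-SHA256 keystream with encrypt-then-MAC, chosen only so the example runs with the standard library. The point it shows is that one parser handles both key-management styles: a SAID with the flag set carries its own payload key in the MDF (the DEC approach), while a SAID without the flag refers to a key established out of band or by a negotiation protocol.

```python
"""Toy IP-layer security PDU with a 32-bit SAID and an optional in-line
Management Defined Field (MDF). Added example, not from the message;
the bit assignment, MDF encoding and cipher below are all assumptions."""
import hashlib
import hmac
import os
import struct

MDF_FLAG = 0x80000000      # assumed: set when an MDF follows the SAID
SAID_ID_MASK = 0x7FFFFFFF  # assumed: remaining bits identify the key
NONCE_LEN = 12
TAG_LEN = 16


def _subkey(key: bytes, label: bytes) -> bytes:
    # Derive separate encryption and integrity keys from one input key.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Illustrative keystream only: HMAC over nonce || counter, not a real cipher.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt then authenticate; returns nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; raises ValueError on any failure."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("truncated")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expect):
        raise ValueError("integrity check failed")
    ks = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


def build_pdu(said_id: int, payload: bytes, master_key: bytes = None, sa_key: bytes = None) -> bytes:
    """Sender side. With master_key: in-line keying, a fresh payload key is
    wrapped under the master key named by the SAID and carried in the MDF.
    With sa_key: the SAID alone names a key established out of band; no MDF."""
    if (master_key is None) == (sa_key is None):
        raise ValueError("give exactly one of master_key or sa_key")
    if said_id & ~SAID_ID_MASK:
        raise ValueError("SAID identifier does not fit in 31 bits")
    if master_key is not None:
        payload_key = os.urandom(32)
        mdf = seal(master_key, payload_key)
        header = struct.pack(">IH", said_id | MDF_FLAG, len(mdf)) + mdf
        return header + seal(payload_key, payload)
    return struct.pack(">I", said_id) + seal(sa_key, payload)


def parse_pdu(pdu: bytes, master_keys: dict, sa_keys: dict) -> bytes:
    """Receiver side: the SAID flag bit selects which key table applies."""
    if len(pdu) < 4:
        raise ValueError("truncated")
    (said,) = struct.unpack(">I", pdu[:4])
    key_id, body = said & SAID_ID_MASK, pdu[4:]
    if said & MDF_FLAG:
        if key_id not in master_keys:
            raise ValueError("unknown master key")
        if len(body) < 2:
            raise ValueError("truncated MDF")
        (mdf_len,) = struct.unpack(">H", body[:2])
        mdf, body = body[2:2 + mdf_len], body[2 + mdf_len:]
        payload_key = unseal(master_keys[key_id], mdf)  # fails closed on a bad MDF
        return unseal(payload_key, body)
    if key_id not in sa_keys:
        raise ValueError("unknown security association")
    return unseal(sa_keys[key_id], body)


def is_rejected(pdu: bytes, master_keys: dict, sa_keys: dict) -> bool:
    try:
        parse_pdu(pdu, master_keys, sa_keys)
        return False
    except ValueError:
        return True


# Constructed keys for the example; both ends would hold these out of band.
MASTER_KEYS = {7: hashlib.sha256(b"example master key 7").digest()}
SA_KEYS = {42: hashlib.sha256(b"example negotiated SA 42").digest()}

if __name__ == "__main__":
    inline = build_pdu(7, b"payload keyed via MDF", master_key=MASTER_KEYS[7])
    oob = build_pdu(42, b"payload keyed via SA table", sa_key=SA_KEYS[42])
    print(parse_pdu(inline, MASTER_KEYS, SA_KEYS))
    print(parse_pdu(oob, MASTER_KEYS, SA_KEYS))
```

Two checks the receiver makes are worth noting: a flipped flag bit on an out-of-band SAID sends the lookup to the master-key table, where the identifier is unknown and the packet is dropped, and any change to the MDF fails the master-key integrity check before the payload key is ever used. A reserved SAID for the SKIP-derived master key, as the message suggests, would be one more entry in the master-key table whose value comes from the D-H computation rather than from prior distribution.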